Microsoft is to release six patches next week to cover vulnerabilities in its Windows operating systems and its Office application suite.
For its monthly Patch Tuesday, six bulletins (three critical and three important) will address 15 vulnerabilities, although no patches are offered for Windows 7.
Jerry Bryant, security program manager for Microsoft Security Response Center, said: “Customers should plan a restart for the Windows bulletins. The Office bulletins may not require a restart if the components being updated are not in use.”
Andrew Clarke, senior vice president of Lumension, said: “While many IT departments are still working through the large number of patches delivered last month from Microsoft, Oracle, Adobe and others, here is where we currently stand for November.
“In addition to Microsoft's round of patches, a bug has been discovered in Linux that gives untrusted users root access. Red Hat has patches available for versions four and five of RHEL and MRG. Another recently discovered SSL flaw, which aids in facilitating a man-in-the-middle attack, is expected to bring a large number of patches in the near term from multiple vendors.
“We won't see anything to remediate this flaw on Patch Tuesday, but if a number of active exploits start to appear in the wild, then we will most likely see out-of-band patches issued from pretty much every vendor as it is such a widely used protocol.”